Organization Management

Applications should use STRATO Mercata's X.509 Identity solution to determine a user’s membership in an organization. Applications should not create application-specific user-to-organization assignments or similar data structure. Therefore an application cannot arbitrarily manage users' organizations.

On the other hand, applications are allowed to add data about an organization (on the application level) if their app needs it. For example, since a user’s X.509 Identity only contains a user’s Organization name, but not the org’s address, email, phone, etc, it might be necessary to create an app-level entity of an organization that contains this info, and can be operated on and manipulated by your app.

Your app may deal with a set of known organizations that will use and have roles in the app. In this case, it may be beneficial to hard-code these organization names into your app with their corresponding role, so that when a user from that organization logs in, they already have the necessary permissions. It might also be useful to hardcode application logic to only allow users from specific organizations to complete actions.

Getting User Organizational Information

contract OrgGetter {

    constructor() {}

    function getUserOrgInfo(address _user) returns (string, string) {
        mapping(string => string) userCert = getUserCert(_user);
        return (userCert["organization"], userCert["organizationalUnit"]);
    }
}